[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Mon, 09 Apr 2018 01:11:31 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ef76d426 by security tracker role at 2018-04-09T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,11 @@
+CVE-2018-9858
+       RESERVED
+CVE-2018-9857 (PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the 
search field ...)
+       TODO: check
+CVE-2018-9856 (Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local 
roles ...)
+       TODO: check
+CVE-2018-9855
+       RESERVED
 CVE-2018-9854
        RESERVED
 CVE-2018-9853
@@ -1080,7 +1088,7 @@ CVE-2016-10719
        RESERVED
 CVE-2018-9330 (register.jsp in Coremail XT3.0 allows stored XSS, as 
demonstrated by ...)
        NOT-FOR-US: Coremail XT3.0
-CVE-2018-9329 (The Bitdefender Antivirus 6.2.19.890 component, as configured 
for AV ...)
+CVE-2018-9329 (** DISPUTED ** The Bitdefender Antivirus 6.2.19.890 component, 
as ...)
        NOT-FOR-US: Bitdefender Antivirus
 CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the 
ter_from ...)
        NOT-FOR-US: PHP Scripts Mall Redbus Clone Script
@@ -2594,7 +2602,7 @@ CVE-2018-8764 (Roland Gruber Softwareentwicklung LDAP 
Account Manager before 6.3
        NOTE: https://www.ldap-account-manager.org/lamcms/node/354
        NOTE: 
https://github.com/LDAPAccountManager/lam/commit/993751c7ff0faa07b7c028295152cf9c20349688
 CVE-2018-8763 (Roland Gruber Softwareentwicklung LDAP Account Manager before 
6.3 has ...)
-       {DSA-4165-1}
+       {DSA-4165-1 DLA-1342-1}
        - ldap-account-manager 6.3-1
        NOTE: 
https://github.com/LDAPAccountManager/lam/commit/f1d7aec5fc4aaf516e1d8a6f0eb3082050553302
        NOTE: 
https://github.com/LDAPAccountManager/lam/commit/16fc7f7e8603c5cb7c129cfbf97fc572b9b8740c
@@ -8507,7 +8515,6 @@ CVE-2018-6596 (webhooks/base.py in Anymail (aka 
django-anymail) before 1.2.1 is 
 CVE-2018-6595
        RESERVED
 CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 
generates ...)
-       {DLA-1283-1}
        - pycryptodome 3.4.11-1 (bug #889998)
        - python-crypto <unfixed> (bug #889999)
        [stretch] - python-crypto <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef76d4267cb302af58c3e4592cfdd659eeda391a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef76d4267cb302af58c3e4592cfdd659eeda391a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to